2024-05-17 07:59:51 +00:00
|
|
|
package server
|
|
|
|
|
|
|
|
|
|
import (
|
2024-05-17 12:36:00 +00:00
|
|
|
"context"
|
2024-05-17 07:59:51 +00:00
|
|
|
"fmt"
|
2024-06-16 15:24:54 +00:00
|
|
|
"git.solsynth.dev/hydrogen/paperclip/pkg/internal/database"
|
|
|
|
|
"git.solsynth.dev/hydrogen/paperclip/pkg/internal/grpc"
|
2024-05-17 07:59:51 +00:00
|
|
|
"net/url"
|
|
|
|
|
"path/filepath"
|
|
|
|
|
|
2024-05-20 12:02:44 +00:00
|
|
|
"git.solsynth.dev/hydrogen/passport/pkg/grpc/proto"
|
|
|
|
|
|
2024-05-17 07:59:51 +00:00
|
|
|
"git.solsynth.dev/hydrogen/paperclip/pkg/models"
|
|
|
|
|
"git.solsynth.dev/hydrogen/paperclip/pkg/services"
|
|
|
|
|
"github.com/gofiber/fiber/v2"
|
|
|
|
|
jsoniter "github.com/json-iterator/go"
|
|
|
|
|
"github.com/samber/lo"
|
|
|
|
|
"github.com/spf13/viper"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func openAttachment(c *fiber.Ctx) error {
|
2024-05-20 14:31:55 +00:00
|
|
|
id, _ := c.ParamsInt("id", 0)
|
2024-05-17 07:59:51 +00:00
|
|
|
|
2024-05-20 14:31:55 +00:00
|
|
|
metadata, err := services.GetAttachmentByID(uint(id))
|
2024-05-17 07:59:51 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return fiber.NewError(fiber.StatusNotFound)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
destMap := viper.GetStringMap("destinations")
|
|
|
|
|
dest, destOk := destMap[metadata.Destination]
|
|
|
|
|
if !destOk {
|
|
|
|
|
return fiber.NewError(fiber.StatusInternalServerError, "invalid destination: destination configuration was not found")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var destParsed models.BaseDestination
|
|
|
|
|
rawDest, _ := jsoniter.Marshal(dest)
|
|
|
|
|
_ = jsoniter.Unmarshal(rawDest, &destParsed)
|
|
|
|
|
|
|
|
|
|
switch destParsed.Type {
|
|
|
|
|
case models.DestinationTypeLocal:
|
|
|
|
|
var destConfigured models.LocalDestination
|
|
|
|
|
_ = jsoniter.Unmarshal(rawDest, &destConfigured)
|
2024-06-01 14:15:41 +00:00
|
|
|
if len(metadata.MimeType) > 0 {
|
|
|
|
|
c.Set(fiber.HeaderContentType, metadata.MimeType)
|
|
|
|
|
}
|
|
|
|
|
return c.SendFile(filepath.Join(destConfigured.Path, metadata.Uuid), false)
|
|
|
|
|
|
2024-05-17 07:59:51 +00:00
|
|
|
case models.DestinationTypeS3:
|
|
|
|
|
var destConfigured models.S3Destination
|
|
|
|
|
_ = jsoniter.Unmarshal(rawDest, &destConfigured)
|
|
|
|
|
protocol := lo.Ternary(destConfigured.EnableSSL, "https", "http")
|
|
|
|
|
return c.Redirect(fmt.Sprintf(
|
|
|
|
|
"%s://%s.%s/%s",
|
|
|
|
|
protocol,
|
|
|
|
|
destConfigured.Bucket,
|
|
|
|
|
destConfigured.Endpoint,
|
|
|
|
|
url.QueryEscape(filepath.Join(destConfigured.Path, metadata.Uuid)),
|
|
|
|
|
))
|
2024-06-01 14:15:41 +00:00
|
|
|
|
2024-05-17 07:59:51 +00:00
|
|
|
default:
|
|
|
|
|
return fmt.Errorf("invalid destination: unsupported protocol %s", destParsed.Type)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func getAttachmentMeta(c *fiber.Ctx) error {
|
2024-05-20 14:31:55 +00:00
|
|
|
id, _ := c.ParamsInt("id")
|
2024-05-17 07:59:51 +00:00
|
|
|
|
2024-05-20 14:31:55 +00:00
|
|
|
metadata, err := services.GetAttachmentByID(uint(id))
|
2024-05-17 07:59:51 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return fiber.NewError(fiber.StatusNotFound)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return c.JSON(metadata)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func createAttachment(c *fiber.Ctx) error {
|
|
|
|
|
user := c.Locals("principal").(models.Account)
|
|
|
|
|
|
|
|
|
|
destName := c.Query("destination", viper.GetString("preferred_destination"))
|
|
|
|
|
|
|
|
|
|
hash := c.FormValue("hash")
|
|
|
|
|
if len(hash) != 64 {
|
|
|
|
|
return fiber.NewError(fiber.StatusBadRequest, "please provide a sha-256 hash code, length should be 64 characters")
|
|
|
|
|
}
|
|
|
|
|
usage := c.FormValue("usage")
|
|
|
|
|
if !lo.Contains(viper.GetStringSlice("accepts_usage"), usage) {
|
|
|
|
|
return fiber.NewError(fiber.StatusBadRequest, fmt.Sprintf("disallowed usage: %s", usage))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
file, err := c.FormFile("file")
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2024-05-17 12:36:00 +00:00
|
|
|
requiredPerm, _ := jsoniter.Marshal(file.Size)
|
|
|
|
|
if result, err := grpc.Auth.CheckPerm(context.Background(), &proto.CheckPermRequest{
|
|
|
|
|
Token: c.Locals("token").(string),
|
|
|
|
|
Key: "CreatePaperclipAttachments",
|
|
|
|
|
Value: requiredPerm,
|
|
|
|
|
}); err != nil {
|
|
|
|
|
return fiber.NewError(fiber.StatusInternalServerError, fmt.Sprintf("failed to check permission: %v", err))
|
|
|
|
|
} else if !result.GetIsValid() {
|
|
|
|
|
return fiber.NewError(
|
|
|
|
|
fiber.StatusForbidden,
|
|
|
|
|
fmt.Sprintf("requires permission CreatePaperclipAttachments equals or greater than %d", file.Size),
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
|
2024-05-20 12:02:44 +00:00
|
|
|
usermeta := make(map[string]any)
|
2024-05-17 07:59:51 +00:00
|
|
|
_ = jsoniter.UnmarshalFromString(c.FormValue("metadata"), &usermeta)
|
|
|
|
|
|
|
|
|
|
tx := database.C.Begin()
|
|
|
|
|
metadata, linked, err := services.NewAttachmentMetadata(tx, user, file, models.Attachment{
|
|
|
|
|
Usage: usage,
|
|
|
|
|
HashCode: hash,
|
|
|
|
|
Alternative: c.FormValue("alt"),
|
|
|
|
|
MimeType: c.FormValue("mimetype"),
|
2024-05-20 12:02:44 +00:00
|
|
|
Metadata: usermeta,
|
2024-05-17 07:59:51 +00:00
|
|
|
IsMature: len(c.FormValue("mature")) > 0,
|
|
|
|
|
Destination: destName,
|
|
|
|
|
})
|
|
|
|
|
if err != nil {
|
|
|
|
|
tx.Rollback()
|
|
|
|
|
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if !linked {
|
|
|
|
|
if err := services.UploadFile(destName, c, file, metadata); err != nil {
|
|
|
|
|
tx.Rollback()
|
|
|
|
|
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
tx.Commit()
|
|
|
|
|
|
|
|
|
|
return c.JSON(metadata)
|
|
|
|
|
}
|
|
|
|
|
|
2024-05-20 12:02:44 +00:00
|
|
|
func updateAttachmentMeta(c *fiber.Ctx) error {
|
2024-05-20 14:31:55 +00:00
|
|
|
id, _ := c.ParamsInt("id", 0)
|
2024-05-20 12:02:44 +00:00
|
|
|
user := c.Locals("principal").(models.Account)
|
|
|
|
|
|
|
|
|
|
var data struct {
|
|
|
|
|
Alternative string `json:"alt"`
|
|
|
|
|
Usage string `json:"usage"`
|
|
|
|
|
Metadata map[string]any `json:"metadata"`
|
|
|
|
|
IsMature bool `json:"is_mature"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := BindAndValidate(c, &data); err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var attachment models.Attachment
|
|
|
|
|
if err := database.C.Where(models.Attachment{
|
2024-05-20 14:31:55 +00:00
|
|
|
BaseModel: models.BaseModel{ID: uint(id)},
|
2024-05-20 12:02:44 +00:00
|
|
|
AccountID: user.ID,
|
2024-05-20 14:31:55 +00:00
|
|
|
}).First(&attachment).Error; err != nil {
|
2024-05-20 12:02:44 +00:00
|
|
|
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
attachment.Alternative = data.Alternative
|
|
|
|
|
attachment.Usage = data.Usage
|
|
|
|
|
attachment.Metadata = data.Metadata
|
|
|
|
|
attachment.IsMature = data.IsMature
|
|
|
|
|
|
|
|
|
|
if err := database.C.Save(&attachment).Error; err != nil {
|
|
|
|
|
return fiber.NewError(fiber.StatusBadRequest, err.Error())
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return c.JSON(attachment)
|
|
|
|
|
}
|
|
|
|
|
|
2024-05-17 07:59:51 +00:00
|
|
|
func deleteAttachment(c *fiber.Ctx) error {
|
|
|
|
|
id, _ := c.ParamsInt("id", 0)
|
|
|
|
|
user := c.Locals("principal").(models.Account)
|
|
|
|
|
|
|
|
|
|
attachment, err := services.GetAttachmentByID(uint(id))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return fiber.NewError(fiber.StatusNotFound, err.Error())
|
|
|
|
|
} else if attachment.AccountID != user.ID {
|
|
|
|
|
return fiber.NewError(fiber.StatusNotFound, "record not created by you")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := services.DeleteAttachment(attachment); err != nil {
|
|
|
|
|
return fiber.NewError(fiber.StatusInternalServerError, err.Error())
|
|
|
|
|
} else {
|
|
|
|
|
return c.SendStatus(fiber.StatusOK)
|
|
|
|
|
}
|
|
|
|
|
}
|
